Experts Offer Advice for Developing Secure Cloud Applications

December 7, 2013 Off By David
Object Storage

Grazed from DarkReading. Author: Brian Prince.

Building security into the application development process has always been a challenge. The reality of cloud computing however introduces new hurdles that need to be identified and climbed.   In a new paper, the Cloud Security Alliance (CSA) and the Software Assurance Forum for Excellence in Code (SAFECode) joined forces to release guidance to help developers navigate the sometimes troubled waters of application security. The report is focuses on security considerations for platform-as-a-service (PaaS), though the authors say the advice in the paper is relevant to software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) as well.

"Among all of the cloud security challenges, this report is focused on the challenges faced by software developers who are developing applications for the cloud," says Eric Baize, senior director of the product security office with EMC. "Most of the activities required to develop secure software for the cloud are identical to the fundamental security practices required for any software. However, cloud has some unique characteristics that demand some customization of these practices."…

The most notable among these is multi-tenancy, says Baize. Multi-tenancy, the report explains, allows multiple consumers or tenants to maintain a presence in a cloud service provider’s environment in a manner where the computations and data of one tenant are isolated from other tenants…

Read more from the source @ http://www.darkreading.com/applications/experts-offer-advice-for-developing-secu/240164509